CVE-2021-28847

EUVD-2021-15501
MobaXterm before 21.0 allows remote servers to cause a denial of service (Windows GUI hang) via tab title change requests that are sent repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
mobatekmobaxterm
𝑥
< 21.0
𝑥
= Vulnerable software versions
References
https://mobaxterm.mobatek.net/download-home-edition.html
https://mobaxterm.mobatek.net/preview.html
https://mobaxterm.mobatek.net/download-home-edition.html
https://mobaxterm.mobatek.net/preview.html